"Linux Gazette...making Linux just a little more fun!"


The Answer Guy


By James T. Dennis, answerguy@ssc.com
Starshine Technical Services, http://www.starshine.org/


(?)Quotas for Outgoing e-mail

From tng on 14 Sep 1998

I've been searching for 3 days on setting up some kind of e-mail quota to restrict the abount of e-mail that can be sent by aparticular person. I been to altavista did a search that turned up 1700 maches none of which were of any help. I went to sendmail.org and browsed their their online documentation, gone through news group archives to find myself still wondering if there is software available to do it. I found lots of info about setting up bulk e-mailers and stopping incomming spam but nothing for stopping my local users from bulk e-mailing and spamming others. I would be greatful for any help on this matter.

thanks in advance... tng

(!)Well, that's a new one. I don't know of any package that does this.
I'm sure it can be done --- you could define a custom mailer (one of those funny looking Mprog lines in a sendmail.cf file). Let's call this the quota mailer --- you'd then define that as the mailer to over-ride the built-in smtp mailer. You're quota mailer could then be reponsible for counting messages, addresses, bytes, etc and updating a database of authorized users and relayers --- and then relaying the mail into a queue where a different sendmail (using a different configuration) would send it out (probably as a regular 'cron' job).
The quickest way to get such a beast built might be to hire a consultant like Robert Harker (he specializes in 'sendmail' and teaches tutorials in it http://www.harker.com).
For qmail or VMailer there might be an easier way.
Another problem you'll have with this is that you'd have to prevent people from bypassing all of your mail user agents and sending their mail using some custom program that they've installed themselves. This could work by simply opening a TCP connection to the smtp port (25) of their addressee's sites (or any open relayer) directly. You'd have to put packet filters on all of your egress routes (firewalls and border routers) to prevent this, thus forcing your customers/user to use your outbound relay.
There are several commercial products that do filtering of outbound mail (MIMESweeper, WebShield, that sort of thing). They purport to protect companies from insiders who might be mailing company secrets out to their competitors. In general I think this is a pathetic approach to the risk (they can easily shove the data on a diskette, Zip disk or whatever, and mail it; or they can encrypt it --- using pkzip with it's "scramble" encryption and mail that as a "bitmap" --- or they can use freely available tools to do some serious steganography).
However, these "mail firewalls" may be adaptable to your needs. Also, there may be some free one floating around that I haven't heard of.
The best place to ask for more info on this is in the comp.mail.sendmail newsgroup (I don't know of a general mail transfer agents newsgroup -- so c.m.sendmail seems to get all of that traffic. I expect there'll be a comp.mail.qmail and a comp.mail.vmailer eventually).
I suppose you could also ask in comp.security.firewalls --- and you could dig up the mailing lists for qmail, VMailer and the firewalls mailing list (which recently moved off of Brent's site at Great Circle Associates and is hosted by some friends of his at GNAC) --- you'll have to spend some quality Yahoo!/Deja News/Alta Vista time hunting down those venues.


Copyright © 1998, James T. Dennis
Published in Linux Gazette Issue 34 November 1998


[ Answer Guy Index ] apache current digi ether goodtimes intlX largedisk
maybe numlock quota recovery script serial session
sound tape testsuite w95ie w95ras w95virus xdm


[ Table Of Contents ] [ Front Page ] [ Previous Section ] [ Next Section ]